Legal claims defining the scope of protection, as filed with the USPTO.
1. A method of detecting data corruption in a storage system, comprising: providing training data to a machine learning system, wherein the training data includes actual data used by the storage system and contains identified samples of encrypted data and unencrypted data; the machine learning system setting an entropy threshold based on the training data; examining portions of the data for encryption anomalies that include data that is flagged to be encrypted not being detected as being encrypted based on entropy of the data being less than the entropy threshold; and providing an indication in response to detecting an encryption anomaly.
2. A method, according to claim 1 , wherein the entropy of the data varies based on an inherent nature of the data.
3. A method, according to claim 1 , wherein one of the portions of data is deemed to be encrypted in response to an entropy value of the data exceeding a predetermined threshold.
4. A method, according to claim 1 , wherein portions of the data are examined for encryption anomalies during data accesses.
5. A method, according to claim 4 , wherein data accesses are suspended in response to detecting an encryption anomaly.
6. A method, according to claim 1 , wherein at least some of the encryption anomalies are based on a digital signature of the data.
7. A non-transitory computer readable medium containing software that detects data corruption in a storage system, the software comprising: executable code that receives training data that includes actual data used by the storage system and contains identified samples of encrypted data and unencrypted data as input for a machine learning system; executable code that uses the machine learning system to set an entropy threshold based on the training data; executable code that examines portions of the data for encryption anomalies that include data that is flagged to be encrypted not being detected as being encrypted based on entropy of the data being less than the entropy threshold; and executable code that provides an indication in response to detecting an encryption anomaly.
8. A non-transitory computer readable medium, according to claim 7 , wherein the entropy of the data varies based on an inherent nature of the data.
9. A non-transitory computer readable medium, according to claim 7 , wherein one of the portions of data is deemed to be encrypted in response to an entropy value wherein one of the portions of data is deemed to be encrypted in response to an entropy value of the data exceeding a predetermined threshold exceeding a predetermined threshold.
10. A non-transitory computer readable medium, according to claim 7 , wherein portions of the data are examined for encryption anomalies during data accesses.
11. A non-transitory computer readable medium, according to claim 10 , wherein data accesses are suspended in response to detecting an encryption anomaly.
12. A non-transitory computer readable medium, according to claim 7 , wherein at least some of the encryption anomalies are based on a digital signature of the data.
13. A storage system, comprising: a plurality of physical storage units; a plurality of disk adapters coupled to the physical storage units; a memory coupled to the disk adapters; a host adapter coupled to the memory to provide a data connection between the storage system and a host coupled to the storage system; at least one processor provided on a director board of the storage system, the director board also including at least one of: the host adaptor and a subset of the disk adapters; and a non-volatile computer storage medium coupled to the at least one processor and containing software that detects data corruption in a storage system, wherein the software includes executable code that receives training data that includes actual data used by the storage system and contains identified samples of encrypted data and unencrypted data as input for a machine learning system, executable code that uses the machine learning system to set an entropy threshold based on the training data, executable code that examines portions of the data for encryption anomalies that include data that is flagged to be encrypted not being detected as being encrypted based on entropy of the data being less than the entropy threshold, and executable code that provides an indication in response to detecting an encryption anomaly.
14. A storage system, according to claim 13 , wherein the entropy of the data varies based on an inherent nature of the data.
15. A storage system, according to claim 13 , wherein one of the portions of data is deemed to be encrypted in response to an entropy value of the data exceeding a predetermined threshold.
16. A storage system, according to claim 13 , wherein the entropy threshold is based, at least in part, on actual data used by the storage system.
17. A storage system, according to claim 13 , wherein portions of the data are examined for encryption anomalies during data accesses.
18. A storage system, according to claim 17 , wherein data accesses are suspended in response to detecting an encryption anomaly.
19. A storage system, according to claim 13 , wherein at least some of the encryption anomalies are based on a digital signature of the data.
Unknown
July 5, 2022
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.